Multi-factor and Strong Authentication

Video June 01, 2022

Fixing the Way the World Logs In

Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that…

Blog April 22, 2022

PCI-DSS 4.0 launched

The Payment Card Industry (PCI) Standards Council has published a major update to the Data Security Standard (DSS), version 4.0. This version is an improvement over the current version, 3.2.1, which came out in 2018.  The new publication directs organizations that need to be compliant…

Video April 18, 2022

Analyst Chat #121: Increasing the Adoption of MFA and Risk-based Authentication

A recently published study shows that the use of strong authentication in enterprise environments is at a very low level. John Tolbert explains this finding to Matthias and together they discuss how to find a way out of this situation.

Video March 11, 2022

Eliminate Passwords With Invisible Multi-Factor Authentication

A high proportion of data breaches and ransomware attacks exploit stolen credentials. Eliminating passwords with multifactor authentication is an effective way to reduce the risk of unauthorized access to company networks, systems, SaaS applications, cloud infrastructure, and data. But not…

Webinar March 03, 2022

May 31, 2022: Fixing the Way the World Logs In

Passwords are quickly and easily compromised, they are costly and difficult to manage, and they result in poor user experiences. Many organizations are looking for alternatives, but find it challenging to identify appropriate passwordless and phishing resistant authentication solutions that…

Blog January 27, 2022

Has Your Organization Rolled Out MFA Yet?

Have you entered a password somewhere today? Do you wonder why you’re still having to do that? Did entering that password give you a feeling of digital safety? Did it make your consumer experience more enjoyable? Cybersecurity and identity management experts have been proclaiming the…

Webinar January 11, 2022

Mar 10, 2022: Eliminate Passwords With Invisible Multi-Factor Authentication

A high proportion of data breaches and ransomware attacks exploit stolen credentials. Eliminating passwords with multifactor authentication is an effective way to reduce the risk of unauthorized access to company networks, systems, SaaS applications, cloud infrastructure, and data. But not…

Blog January 06, 2022

The Future of Authentication - Passwordless

Single factor authentication like passwords is considered bad practice. Passwordless authentication, done right, is not only more secure but also more convenient. Learn more about the increasing demand, regulations as well as use cases. Martin Kuppinger enjoyed a delightful conversation…

Video December 21, 2021

Prediction #1 - Passwordless Authentication: Killing the Undead will become Mainstream in 2022

The increased importance of a frictionless user experience as a digital business success factor on the one side, and a big wave of ransomware and similar attacks with user credentials as a main entry point are forcing us to rethink authentication and finally get rid of the password.…

Video September 30, 2021

A Customer-First Approach to Identity-Based Authentication

Even though passwords can be compromised easily and are generally considered unsafe, they are still ubiquitous in a time when multi-factor authentication and biometrics are easily available. There’s little doubt that eliminating passwords improves security, but to effect fundamental…

Blog September 20, 2021

A Iot to Venture, More to GAIN

As social beings, people interact with their environment, whether as citizens of a state, as employees of a company or as contractual partners (customers, insured persons) with a company in the private sector. Even if a large number of such transactions can take place anonymously (coffee to…

Webinar July 28, 2021

Sep 29, 2021: A Customer-First Approach to Identity-Based Authentication

Even though passwords can be compromised easily and are generally considered unsafe, they are still ubiquitous in a time when multi-factor authentication and biometrics are easily available. There’s little doubt that eliminating passwords improves security, but to effect fundamental change…

Video July 07, 2021

The Path to Going Passwordless

Password-based authentication is no longer fit for purpose. Passwords are costly and difficult to manage, they result in poor user experiences, and they are easily compromised. This has been widely recognized for some time, but going passwordless is also challenging and continues to be…

Video June 18, 2021

Does Increased Security Still Mean Added Complexity?

We’re all accessing more goods and services online than we ever thought possible, which has presented a huge opportunity for cyber criminals. Rapid digital transformation has left some businesses exposed, and fraudsters are looking to exploit new weaknesses. Strong digital identity…

Video May 25, 2021

Remote-Angestellte mit starker Authentifizierung schützen

Hacker schlagen Kapital aus Unsicherheit, Angst, Ablenkung, Isolation und Verwirrung. Die Verlagerung auf Remote-Arbeit hat viele dieser Eigenschaften, daher ist es entscheidend, das Vertrauen der Benutzer wiederherzustellen. Die Schulung der Mitarbeiter ist unerlässlich, schützt…

Webinar March 26, 2021

May 20, 2021: Remote-Angestellte mit starker Authentifizierung schützen

Hacker schlagen Kapital aus Unsicherheit, Angst, Ablenkung, Isolation und Verwirrung. Die Verlagerung auf Remote-Arbeit hat viele dieser Eigenschaften, daher ist es entscheidend, das Vertrauen der Benutzer wiederherzustellen. Die Schulung der Mitarbeiter ist unerlässlich, schützt aber nicht…

Blog January 04, 2021

This Is Why We Can’t Have Nice Things

I had no intention to write any blog posts during the holidays or, God forbid, do any predictions for the next year (look how relevant last year’s predictions turned out to be). However, an interesting story involving Ticketmaster, a large American ticket sales company, has caught my…

Video July 29, 2020

We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Video July 10, 2020

Analyst Chat #29: Getting Rid of the Password

Warwick Ashford and Matthias Reinwarth discuss the standards, technologies and organizational changes needed to finally get rid of the password-based authentication once and for all.

Video July 10, 2020

Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is…

Video June 19, 2020

Analyst Chat #23: When is a Security Product not a Security Product?

Matthias Reinwarth and John Tolbert talk about profound implications of security products not having their administrative interfaces sufficiently secured with technologies like multi-factor authentication.

Webinar June 10, 2020

Jul 28, 2020: We Need to Talk About Passwords – Urgently!

Passwords have been used for authentication for decades and continue to proliferate. Yet we know they create friction for users, slow down business productivity, and are a weak form of user authentication. Users are always forgetting them or use weak passwords that are easily cracked by…

Blog April 15, 2020

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Video April 15, 2020

Why Adaptive Authentication is the Future

Martin Kuppinger explains adaptive authentication.

Webinar March 25, 2020

Jul 09, 2020: Working From Home Is Not Secure Without an Effective IAM

The past few months have not only been disruptive to business models, but also to the way many people work. Working from Home (WfH) is the new normal for many of us, but it comes with many challenges, for workers, for their managers, for the IT teams. One of the biggest challenges is finding…

Blog March 17, 2020

5G and Identity

5G Identity and Authentication 5G is the next generation of cellular mobile communications intended to support the massive increase in capacity and connectivity that will be required for the future cloud of things and to provide the enhanced bandwidth needed for new mobile data…

Blog March 09, 2020

High Assurance MFA Options for Mobile Devices

In recent years much of the focus in the authentication space has been on MFA, mobile devices, and biometrics. Many technical advances have been made which also serve to increase usability and improve consumer experiences. There are a few reasons for this. MFA Multi-factor authentication…

Video December 04, 2019

Extending Beyond the Limits of Multi-Factor Authentication With Continuous Adaptive Trust

The Identity and Access Management (IAM) market is undergoing rapid and at times transformative change. A steady progression from on-premises to API and cloud platforms is visible as vendors innovate, but authentication tools are under attack from determined adversaries.

Blog November 06, 2019

Authentication and Education High on CISO Agenda

Multifactor authentication and end-user education emerged as the most common themes at a CISO forum with analysts held under Chatham House Rules in London. Chief information security officers across a wide range of industry sectors agree on the importance of multifactor authentication (MFA)…

Video October 30, 2019

Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory…

Video October 18, 2019

Facilitating Business with State-of-the-Art Identity Proofing Solutions

For traditional or Business-to-Employee (B2E) IAM, HR departments are responsible for gathering documentation from employees to determine their suitability for employment. For Business-to-Consumer (B2C) or CIAM, identity proofing can be more difficult. Depending on the nature of the…

Blog October 17, 2019

Leading IDaaS Supplier OneLogin Aiming for the Top

OneLogin is among the leading vendors in the overall, product, innovation and market leadership ratings in KuppingerCole’s latest Leadership Compass Report on IDaaS Access Management, but is aiming to move even further up the ranks. In a media and analyst briefing, OneLogin…

Webinar September 19, 2019

Dec 03, 2019: Extending Beyond the Limits of Multi-Factor Authentication With Continuous Adaptive Trust

The Identity and Access Management (IAM) market is undergoing rapid and at times transformative change. A steady progression from on-premises to API and cloud platforms is visible as vendors innovate, but authentication tools are under attack from determined adversaries.

Blog September 13, 2019

PSD2 in a Europe of Small Principalities

Europe’s consumers have been promised for some years now that strong customer authentication (SCA) was on its way. And the rules as to when this should be applied in e-commerce are being tightened. The aim is to better protect the customers of e-commerce services.  This sounds…

Blog September 06, 2019

Facebook Breach Leaves Half a Billion Users Hanging on the Line

It seems that there is simply no end to a long series of Facebook’s privacy blunders. This time, a security researcher has stumbled upon an unprotected server hosting several huge databases containing phone numbers of 419 million Facebook users from different countries. Judging by the…

Video September 06, 2019

It’s Time to Forget Your Password and Settle for Multi-Factor Authentication

The majority of security breaches and attacks can be traced back to stolen and compromised passwords. Mobile devices are often particularly vulnerable because many users tend to avoid long passwords and special characters.

Webinar August 28, 2019

Oct 29, 2019: Complying With PSD2: Everything You Need to Know

With the Revised Payment Service Directive (PSD2) coming into full effect this fall, banks and online retailers need to adapt to changes that carry with them many regulatory and technical challenges. Acknowledging these extensive changes, Germany’s Federal Financial Supervisory Authority…

Blog July 30, 2019

Account Takeovers on the Rise

Account Takeover (ATO) attacks are on the rise. The 2019 Forter Fraud Attack Index shows a 45% increase in this type of attack on consumer identities in 2018. ATOs are just what they sound like: cybercriminals gain access to accounts through various illegal means and use…

Blog July 12, 2019

Passwordless for the Masses

What an interesting coincidence: I’m writing this just after finishing a webinar where we talked about the latest trends in strong authentication and the ways to eliminate passwords within an enterprise. Well, this could not have been a better time for the latest announcement from…

Video July 12, 2019

The Passwordless Enterprise: Building A Long-Term Zero Trust Strategy

“The password is dead.” We have heard this statement for at least a decade, yet even in 2019, data breaches based on stolen user credentials continue to dominate the headlines. Why do passwords so stubbornly refuse to die?

Webinar June 27, 2019

Sep 05, 2019: It’s Time to Forget Your Password and Settle for Multi-Factor Authentication

The majority of security breaches and attacks can be traced back to stolen and compromised passwords. Mobile devices are often particularly vulnerable because many users tend to avoid long passwords and special characters.

Webinar June 21, 2019

Oct 17, 2019: Facilitating Business with State-of-the-Art Identity Proofing Solutions

For traditional or Business-to-Employee (B2E) IAM, HR departments are responsible for gathering documentation from employees to determine their suitability for employment. For Business-to-Consumer (B2C) or CIAM, identity proofing can be more difficult. Depending on the nature of the…

Video June 19, 2019

Getting Rid of the Password – How to Increase Safety Affordably

Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also…

Webinar May 29, 2019

Jul 11, 2019: The Passwordless Enterprise: Building A Long-Term Zero Trust Strategy

“The password is dead.” We have heard this statement for at least a decade, yet even in 2019, data breaches based on stolen user credentials continue to dominate the headlines. Why do passwords so stubbornly refuse to die?

Blog May 22, 2019

Oops, Google Did It Again!

Like many people with a long career in IT, I have numerous small computer-related side duties I’m supposed to perform for my less skilled friends and relatives. Among those, I’m helping manage a G Suite account for a small business a friend of mine has. Needless to say, I was a…

Video April 26, 2019

Secure Login for Highly-Regulated Hybrid Environments: Avoid Being Forced Into the Cloud

The march of the cloud is unstoppable. Eager to outsource the tedious and expensive maintenance of their IT infrastructures to a reliable 3rd party, most companies would dream of becoming cloud-native, at least in the long term. Needless to say, letting someone else run your identity…

Webinar April 08, 2019

Jun 18, 2019: Getting Rid of the Password – How to Increase Safety Affordably

Despite compromised passwords being the leading cause of data breaches, most online businesses still rely on solely using passwords for logins. While getting rid of password authentication is desirable from a security standpoint, organizations fear that it is a costly endeavor that can also…

Webinar February 21, 2019

Apr 25, 2019: Secure Login for Highly-Regulated Hybrid Environments: Avoid Being Forced Into the Cloud

The march of the cloud is unstoppable. Eager to outsource the tedious and expensive maintenance of their IT infrastructures to a reliable 3rd party, most companies would dream of becoming cloud-native, at least in the long term. Needless to say, letting someone else run your identity…